--On Monday, June 20, 2005 07:34:11 +0300 Rumen Yotov <[EMAIL PROTECTED]> wrote:
> Hi, > Recently began using flawfinder& rats and they're working (logging > things). For now don't have time to look at the logs (beside *me* needing > more time to check them), so is there some place/person which > collects/is_interested in such info. Maybe some meta-bug or other, or > just send they upstream (if correct)? > Any experiences with them, are they correct? > Thanks. Rumen. No, they're very little practical use. If you're stuck and need an "entry point" to start auditing from, they may give you a list of places to start looking, but this is effectively no better than `grep strcat *.c`. -- ------------------------------------- [EMAIL PROTECTED] | finger me for my gpg key. -------------------------------------------------------
pgph18FNoVctA.pgp
Description: PGP signature